package com.javajun.security;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.web.authentication.AuthenticationSuccessHandler;

import com.javajun.service.SysUserService;

@Configuration
@EnableWebSecurity
@EnableGlobalMethodSecurity(prePostEnabled = true)
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
    @Autowired
    private SysUserService sysUserService;

    /* AuthenticationSuccessHandler */

    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        auth.userDetailsService(sysUserService).passwordEncoder(new BCryptPasswordEncoder());
        auth.inMemoryAuthentication().withUser("秦源").password("{noop}1111").roles("DVP", "ADMIN");
    }

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.csrf().disable();// 关闭打开的csrf保护
        http.formLogin().loginPage("/login").permitAll().defaultSuccessUrl("/index").failureUrl("/login?erro").permitAll();
        http.authorizeRequests().antMatchers("/bootstrap-3.3.7/**").permitAll();
        http.authorizeRequests().antMatchers("/jqgrid/**").permitAll();
        http.authorizeRequests().antMatchers("/laydate/**").permitAll();
        http.authorizeRequests().antMatchers("/assets/**").permitAll();
        http.authorizeRequests().antMatchers("/doc/**").permitAll();
        http.authorizeRequests().antMatchers("/webjars/**").permitAll();
        http.authorizeRequests().antMatchers("/enterprise/register").permitAll();
        http.logout().logoutUrl("/logout").permitAll();
        http.authorizeRequests().anyRequest().authenticated();
        http.headers().frameOptions().disable();
    }

    /*
     * @Override protected void configure(HttpSecurity http) throws Exception { http
     * .csrf().disable();// 关闭打开的csrf保护
     * http.formLogin().loginPage("/login").permitAll().defaultSuccessUrl("/index").
     * failureUrl("/login?erro");
     * http.authorizeRequests().antMatchers("/bootstrap-3.3.7/**").permitAll();
     * http.authorizeRequests().antMatchers("/jqgrid/**").permitAll();
     * http.authorizeRequests().antMatchers("/laydate/**").permitAll();
     * http.authorizeRequests().antMatchers("/assets/**").permitAll();
     * http.authorizeRequests().antMatchers("/doc/**").permitAll();
     * http.authorizeRequests().antMatchers("/webjars/**").permitAll();
     * http.logout().logoutUrl("/logout").permitAll();
     * http.authorizeRequests().anyRequest().authenticated();
     * http.headers().frameOptions().disable(); }
     */
}
